In recent years, the Internet has become a major vector for malware propagation. Due to the increasing complexity of web browsers and associated plugins, a considerable number of vulnerabilities have been discovered and are currently being leveraged by attackers to propagate malware samples that bypass standard security measures such as firewalls, which are generally designed to block inbound traffic but allow clients to freely interact with Internet sites.
In order to identify malicious Internet sites, security vendors may use web crawlers and/or other automated bots to inspect, interact with, and analyze Internet sites. Unfortunately, an attacker may escape detection by hiding malicious behavior from web crawlers. For example, an attacker may use a blacklist to block requests from and/or alter behavior for IP addresses associated with security vendors and/or security researchers. Attackers may even trade and circulate such blacklists in order to create nearly complete blacklists. Accordingly, the instant disclosure identifies a need for additional and improved systems and methods for performing Internet site security analyses.